Uncovering the data panopticon: The urgent
need for critical scholarship in an era of corporate and government
surveillance

John L.
Sullivan, Muhlenberg College

Big data and the panoptic sort

In Philip K.
Dick’s 1956 science fiction short story, The Minority Report, crime in a
futuristic United States has been all but extinguished because the police have
discovered the ability to predict future events. In this peaceful dystopia, suspects
are arrested and charged before their crimes are even committed. While real-world law
enforcement agencies cannot (yet) predict future events, the recent revelations about
the scope and nature of the National Security Agency’s (NSA) domestic digital
spying program suggest they have developed some formidable tools to locate would-be
terrorists. Privacy advocates were outraged by whistleblower Edward Snowden’s
revelation that the NSA, in cooperation with technology companies, routinely stored,
processed and analyzed millions of private emails, video chats, online phone calls,
and internet file transfers under the auspices of a program called PRISM. Recent news
reports based upon Snowden’s documents have revealed that even encrypted
emails, documents, and online banking transactions are being regularly accessed by
the NSA (Larson and Shane, 2013).

While these
revelations about domestic digital wiretapping without court orders have caused a
stir in the American and global press, the privacy dangers associated with this type
of data surveillance are not new to the scholarly community. Exactly 20 years ago,
communication scholar Oscar H Gandy Jr (1993) meticulously outlined the growing threat to
individual privacy posed by the cooperation between corporate and government data
gathering in a book called The Panoptic Sort. At a time when the internet was
in its infancy, when desktop computer processing was a fraction of what it is today,
and five years before the founding of Google, Gandy warned that organizations like
Equifax, TRW, and the Direct Marketing Association (DMA) were amassing huge
repositories of consumer data that were gathered passively whenever individuals made
purchases via credit cards. When these data are combined with sophisticated matching
algorithms and sorted against huge government databases like the census, he argued,
they enabled precise tracking of individuals’ behaviors, political views, and
other sensitive private information. The precision of such discrimination transforms
the routine sorting of personal data into a powerful form of institutional power.
Building upon Foucault’s (1995)
seminal analysis of disciplinary systems in society, Gandy argued that the scale of
the data collection and analysis performed by government and corporate institutions
created a panopticon wherein citizen actions would eventually become
circumscribed within an ever-widening net of personal data surveillance. The end
result, he observed, is “an antidemocratic system of control that cannot be
transformed because it can serve no purpose other than that for which it was
designed—the rationalization and control of human existence”(Gandy, 1993: 227).

We’ve come
a long way since 1993. Who could have imagined services like Facebook, Twitter, and
Tumblr that not only encourage, but actively incentivize the voluntary dissemination of
personal information online? Over the past 20 years, the centrality of the internet to
the global communications infrastructure has made it a target for the type of panoptic
sorting that Gandy described. Now that the world knows about PRISM, it is tempting to
imagine that enhanced public scrutiny will effectively limit these programs. I
don’t think that is likely. In fact, there are four specific trends that foretell
a greater expansion of the data panopticon:

convergence and the
central place of software in social, commercial and political systems;

the growing
importance of metadata for routing, storage and sorting of information;

the global business
of data storage and retrieval;

the blurring of
lines between corporate and government data mining.

The convergence of digital technologies and the
importance of software

In the previous
era of analog technologies, such as wired telephones and reel-to-reel tapes, each
specific technology had a limited range of capabilities alongside a specific set of
legal standards to accompany their use. The Wiretap Act of 1968, for example, prohibits
law enforcement from wiretapping telephones without a court order because doing so
would violate the 4th Amendment protections of both the suspect and anyone
that communicates with them. Today, there are few discrete technologies anymore. Thanks
to technological convergence, almost all forms of communication today utilize some form
of digital communication, and many do this via the Internet. Software has now replaced
specific forms of communication hardware as the nexus for new types of digital
communication, from Skype and FaceTime to emails and tweets. Creating legal precedents
for protecting individual privacy throughout this myriad of new options has been
difficult. Indeed, new options are emerging all the time, and software is extremely
fungible in functionality as it adapts quickly to new situations and uses. We lack a
coherent legal regime to counteract the interception of these communications. For
example, Skype phone calls can be protected under the existing federal wiretap laws,
but emails and text messages cannot.

The rise of metadata

The expansion of
online communications has generated an explosion of metadata. Metadata are the
transaction records that are generated whenever you send an email or text message. It
identifies the location from which the message was sent, when it was sent, the subject
of the message, the recipient(s) of the message, the web address of the recipient(s),
and more. The Obama Administration has argued that its domestic intelligence program
complied with the law because it simply scanned the metadata of email transactions to
search for anomalies rather than accessing the content of those emails. As a recent
article in The Economist (2013) pointed
out, however, while the usefulness of metadata in an analog era was limited (hence the
lower evidentiary standards required in courts to obtain that information), today,
thanks to the internet, “metadata can now provide a detailed portrait of who
people know, where they go, and their daily routines.” (para. 8) Therefore, the
argument that random metadata searches do not violate users’ privacy becomes
difficult to sustain.

The business of data storage and
retrieval

The cost of
storing digital data has fallen dramatically in the past 20 years, making the retention
of vast quantities of individual data routine and cheap. This incentivizes the
retention of digital information in ‘the cloud’ for longer periods of time.
This creates a valuable resource for commercial data miners and law enforcement
officials alike. As WiredMagazine (Copeland, 2013) outlined in its 20th
anniversary edition, in 1993 a gigabyte of computer hard drive space cost almost
$1,900.00; today the same amount of digital storage space is worth four cents. This
dramatic drop in the cost of storage naturally encourages the retention of digital
information by companies and the government. This raises important privacy concerns.
Mobile telephone providers, such as Verizon, AT&T, and T-Mobile, regularly store
customer metadata (the records of all their telephone communications, including
location information) for 18–24 months depending on the carrier. Companies like
Google and Dropbox offer generous amounts of online data storage (‘cloud
computing’) to users in exchange for the ability to target those consumers with
advertising and marketing messages. Companies like Facebook and Twitter profit
handsomely by mining their massive storehouses of user data for the purposes of target
marketing to specific users.

The blurred line between corporate and
government data mining

Lastly, the
Snowden leaks have revealed that the wall between corporate and government data mining
is paper thin. Since the revelations about the NSA became public, technology companies
like Apple and Google have publicized the fact that they have received thousands of NSA
requests for individual user data over the past 12 months. While some companies have
resisted handing over user data without a specific warrant from the government, other
technology companies have complied without challenge, worried about the implication of
refusing the federal government. Additionally, as a headline article in The New York
Times (Sengupta, 2013)outlined, the NSA
and FBI have, increasingly, routinely analyzed huge databases of online communications.
They have signed lucrative contracts with Silicon Valley technology companies to
perform these analyses. The New York Times also uncovered the existence of a
revolving door between technology companies and the government. For example, former
Facebook Chief Security Officer Max Kelly was hired by the NSA in 2010 (Risen and Wingfield, 2013). Such arrangements create
a clear conflict of interest for the companies to whom we have entrusted our data. For
the first time, these companies may have both a legal and financial interest in
handing over sensitive personal information to government agencies. Of all of the
recent revelations about the mining of individual data, this one is perhaps the most
troubling.

What’s the harm?

Given these
threats to individual privacy online, what’s the harm if programs like PRISM have
been effective in thwarting potential terrorist attacks? Snowden answered this question
himself in his infamous interview with The Guardian newspaper (Greenwald, 2013) by saying:

Because even if you’re not doing anything wrong you’re
being watched and recorded. And the storage capability of these systems increases every
year consistently by orders of magnitude to where it’s getting to the point where
you don’t have to have done anything wrong. You simply have to eventually fall
under suspicion from somebody even by a wrong call. (7:14–7:33)

Snowden is
alluding here to the problem of ‘collateral damage’ arising from the search
of online personal data. Innocent citizens may be caught up in data searches that are
meant to locate illegal activities. This problem was most recently demonstrated in 2012
when a warrant to search the email account of Paula Broadwell for a harassment charge
unwittingly uncovered an extramarital affair between her and David Petraeus, the then
CIA Director and former General. These targeted searches also reverse the burden of
proof. Once someone is targeted for government scrutiny because of an email they may
have sent, it becomes difficult for them to clear their name.

Additionally, we
may have started down a path that will be difficult to alter. Once companies and
governments begin collecting and storing citizens’ private data, those
institutions will continue to imagine new uses for such data, if only to justify the
expense of gathering and storing it. History and human nature tell us that the storage
and sorting of online personal data will increasingly become the solution to problems
we haven’t even yet encountered, alongside existing problems (tracking
terrorists, criminals, tax evaders, copyright violators, etc.)

The public and the role of critical
scholarship

Given that we
still live in a liberal democracy, what is the public’s role in this process?
Shouldn’t citizens help to shape a proper balance between privacy and security?
In The Panoptic Sort, Gandy traced the social origins of privacy and considered
the available cognitive strategies for a public trying to grapple with this amorphous
concept within a changing techno-cultural environment. In focus group interviews, Gandy
explored the types of information consumers had about the technologies that could be
used to observe and profile them. Respondents were asked whether they thought these
practices were legitimate, and whether they had reflected upon the sharing of private
information among interested parties (including sharing between private corporations
and government agencies). These 1992 focus group participants were quite sophisticated
in their responses, observing that the gathering of personal information may be
justified or even beneficial in some cases, but that no information “should ever
be used to restrict or limit one’s pursuits, happiness, or joy of life”
(Gandy, 1993: 135). Gandy also cited
nationwide polling conducted in 1990 by Equifax, which found that 46 percent of
respondents were “very concerned” about “threats to... their personal
privacy” (Gandy, 1993: 140). Today, in a
post-September 11 society, the surreptitious gathering of personal information has
reached new heights, yet public opinion on the appropriate boundaries of private
information retrieval has shifted markedly. A recent poll conducted by the Pew Research
Center, for example, found that 56 percent of Americans approve of the NSA’s
tracking of phone records as an acceptable method of combatting terrorism (Pew Research Center, 2013). In that same poll,
respondents were almost equally divided about the NSA’s policy of scanning all
emails to prevent terrorism; 52 percent disapproved while 45 percent
approved.

We see a somewhat
disturbing trend here. While the tools available to gather, store and process personal
information have dramatically expanded in the past 20 years, the public’s privacy
concerns seem to have abated, albeit only slightly. Increased terrorism fears are no
doubt one of the prime catalysts for this, but we should not discount the prospect that
popularization of email, search engines like Google and social media have lessened our
inhibitions regarding the sharing and monitoring of personal information. As Mark
Andrejevic (2005, 2007, 2009) has noted in his
impressive corpus of research, citizens are not only being continually monitored by
corporations and law enforcement, they are essentially monitoring each other. This is
what he calls ‘lateral surveillance’. At a time when we are encouraged to
continually monitor our friends, relatives, neighbors and acquaintances via social
networking, the legitimate boundaries surrounding our private information have been
blurred.

As
Snowden’s startling NSA revelations demonstrate, shifts in the nature of digital
privacy require a vigorous response from critical scholars. Following Gandy’s
1993 book, there needs to be more research on the political economy of personal data
gathering, storage and analysis. Rather than accept these new technological systems as
a starting point for analysis, we should question the philosophical and institutional
foundations of the modern surveillance state. As Gandy noted in his conclusion, we
should not jump on the metaphorical train to the future without first addressing its
path and destination. He wrote:

It is the work of critical scholarship to raise doubts in the minds of
the other passengers, to give voice to their unspoken concerns about the competence of
the engineers, to validate their mistrust of the digitized voices that announce the
next station or the final destination. It is the work of critical scholarship to speak
to the engineers, to wonder aloud with them about whether the tracks will carry a train
this long, this fast, that far. (Gandy, 1993: 230)

Along with a
greater awareness of the personal data industry and the hand-in-glove cooperation among
technology companies, law enforcement authorities, and intelligence agencies, we need
to provide mechanisms for the public to guide policymakers about the appropriate
parameters of online surveillance. For example, to what extent are we willing to accept
online surveillance in the service of public safety? For public discussion to occur, we
need more transparency from both corporations and the government about the ways in
which our data are gathered, stored, and searched. Without this transparency, we will
be living in a data panopticon with little chance for escape.

Author Bio

John L. Sullivan
is Associate Professor of Media and Communication at Muhlenberg College in Allentown,
PA. He received his Master’s and Ph.D. degrees in Communication from the
Annenberg School for Communication at the University of Pennsylvania. His research
interests include media industries and the institutional construction of audiences; the
political economy of cultural production; the political economy of free, open source
software (FOSS) movements; the history of cultural production studies; the
historiography of mass communication; and U.S. media policy implementation. He is the
author of Media Audiences: Effects, Users, Institutions and Power
(Sage, 2013).